<?php

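	// Password-recovery page: a visitor submits an e-mail address and a birthdate;
	// when both match a row in `users`, a new password is generated, stored and
	// mailed to that address.

	// Start the session; the failed-attempt counter further down is kept in it.
	session_start();


	// Load the shared helper functions and the template engine.
	include('../include/functions.inc.php');
	include('../include/template.class.php');

	// Project settings; the keys style, lang, name and noreplay are read below.
	$PROJECT = setProject();


	// Primary constants.
	// NOTE(review): $PROJECT['style'] (and $PROJECT['lang'] further down) is
	// concatenated into a filesystem path. Confirm that setProject() only returns
	// values from a fixed list and never a request-supplied string.
	define('TPL', '../include/styles/' . $PROJECT['style'] . '/members/password.html');
	define('CAT', 'members');


	// Initialise the page template.
	$tmp = new Template(TPL, $PROJECT['lang']);


	// Options
	// NOTE(review): the raw $_POST array is handed to the template here; confirm
	// that setOptions() escapes whatever it writes into the page.
	$tmp->setOptions($_POST);

	// Labels
	$tmp->setLabels();

	// Menus
	$tmp->setContent("CATEGORY", $tmp->menu("category", "../members"));
	$tmp->setContent("FOOTMENU", $tmp->menu("foot"));


	// Page content (%content%)
	$tmp->setContent("HELP", $tmp->xmlContent("password"));


	// Validation errors keyed by field name. Initialised up front so that
	// setForm() at the bottom never receives an undefined variable.
	$ERROR = array();

	// Form submitted
	if (isset($_POST['email'])) {

		// Posted fields; a missing field is treated as empty instead of raising a notice.
		$email = is_string($_POST['email']) ? trim($_POST['email']) : '';
		$date  = isset($_POST['date'])  ? $_POST['date']  : '';
		$month = isset($_POST['month']) ? $_POST['month'] : '';
		$year  = isset($_POST['year'])  ? $_POST['year']  : '';

		// Attempt counter. It used to be read from $_POST['try'], which the client
		// controls and can simply reset; it now lives in the session.
		// NOTE(review): a client can still discard its session cookie, so a real
		// throttle also needs a per-account / per-address limit stored server-side.
		$try = isset($_SESSION['password_tries']) ? (int) $_SESSION['password_tries'] + 1 : 1;
		$_SESSION['password_tries'] = $try;

		// Keep the form field that setForm() renders in step with the counter.
		$_POST['try'] = $try;

		// Too many attempts: stop before the submitted data is evaluated. Checking
		// only after a failed comparison would still let every guess be tested.
		if ($try > 3) {
			header('Location: ../message.php?sid=password&id=error');
			exit;
		}

		// Connect to the database.
		dbOpen('comunity');

		// E-mail: empty
		if (empty($email)) {
			$ERROR['email'] = "null";
		}
		// E-mail: syntax. Same character classes as the former ereg() pattern.
		// ereg() is gone in PHP 7 and is not binary-safe, so it could not serve as
		// the only barrier in front of the SQL below. \z anchors at the true end of
		// the string, which also keeps CR/LF out of the mail() recipient.
		elseif (!preg_match('/^[-A-Za-z0-9_]+[-A-Za-z0-9_.]*@[-A-Za-z0-9_]+[-A-Za-z0-9_.]*[.][A-Za-z]{2,5}\z/', $email)) {
			$ERROR['email'] = "syntax";
		}
		// E-mail: must belong to an existing user
		else {

			// One escaped lookup replaces the two interpolated SELECTs; the row is
			// reused for the birthdate comparison and for the mail below.
			$query = mysql_query("SELECT id,sex,name,birthdate FROM users WHERE email = '" . mysql_real_escape_string($email) . "'");
			$result = $query ? mysql_fetch_assoc($query) : false;

			// NOTE(review): a distinct "value" error tells the visitor whether an
			// address is registered. A single generic failure message for the
			// e-mail and birthdate checks would avoid that.
			if (!$result) {
				$ERROR['email'] = "value";
			}
		}


		// Birthdate: empty
		if (empty($date) || empty($month) || empty($year)) {
			$ERROR['birthdate'] = "null";
		}
		// Birthdate: compared only when the e-mail check passed, so $result is set
		elseif (empty($ERROR['email'])) {

			// The stored birthdate is passed to date() as a Unix timestamp and split
			// into year, month (no leading zero) and day (no leading zero).
			list($viti, $muaji, $data) = explode(" ", date("Y n j", (int) $result['birthdate']));

			if ($date != $data || $month != $muaji || $year != $viti) {
				$ERROR['birthdate'] = "value";
			}
		}


		// No validation errors
		if (empty($ERROR)) {

			// NOTE(review): the password is replaced as soon as e-mail and birthdate
			// match. A birthdate is low-entropy and often public, so anyone who
			// knows both can force a reset of someone else's account. Mailing a
			// single-use, expiring token and changing the password only after the
			// link is used would close that.

			// New password, 8 letters or digits.
			// NOTE(review): confirm generatePassword() draws from a cryptographically
			// secure source.
			$newPassword = generatePassword(8);

			// NOTE(review): the value is written to users.password exactly as
			// generated. If that is the clear text, move to password_hash() /
			// password_verify() together with the login check, which is not in
			// this file.
			$query = "UPDATE users SET password = '" . mysql_real_escape_string($newPassword) . "' WHERE id = '" . mysql_real_escape_string($result['id']) . "'";

			// If the update succeeded, send the new password by mail
			if (mysql_query($query)) {

				// The attempt counter is no longer needed for this session.
				unset($_SESSION['password_tries']);

				// Mail template
				$tmpMail = new Template("../include/styles/default/sendmail/password.html", $PROJECT['lang']);

				// Language file holding the mail texts
				$path = "../include/lang/" . $PROJECT['lang'] . "/mail.xml";
				$xmlMail = simplexml_load_file($path);

				// Values substituted into the HTML template
				$USER['subject'] = html_encrypt($xmlMail->password->subject);
				$USER['noreplay'] = nl2br($xmlMail->noreplay->body);
				$USER['content'] = nl2br($tmpMail->xmlLink($xmlMail->password->body));
				$USER['senddate'] = setDate();

				// Apply them to the HTML template
				$tmpMail->setContent($USER);

				// Values substituted into the XML text of the mail
				$USER['name'] = $result['name'];
				$USER['password'] = $newPassword;
				$USER['sex'] = ($result['sex'] == 1) ? "|mister|" : "|misses|";

				// Apply them to the account text
				$tmpMail->setXMLVars($USER);


				// Resolve the labels in the template
				$tmpMail->setLabels();

				// Headers
				$header = 'MIME-Version: 1.0' . "\r\n";
				$header .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
				$header .= "From: " . $PROJECT['name'] . " <" . $PROJECT['noreplay'] . ">\r\n";

				// Send the mail. The password has already been changed at this point,
				// so a refused message must not be reported as success.
				if (mail($email, $USER['subject'], $tmpMail->vorlage, $header)) {
					header('Location: ../message.php?sid=password&id=success');
				}
				else {
					header('Location: ../message.php?sid=password&id=error');
				}
				exit;
			}
			else {

				// The update failed: show the error message page
				header('Location: ../message.php?sid=password&id=error');
				exit;
			}
		}
	}

	// Put the posted values and the validation errors back into the form
	$tmp->setForm($_POST, $ERROR);

	// Output the rendered page
	echo $tmp->vorlage;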
?>